[CVE-2011-1746] agp: fix OOM and buffer overflow
Andy Whitcroft
apw at canonical.com
Thu Jun 2 16:38:50 UTC 2011
CVE-2011-1746
Multiple integer overflows in the (1) agp_allocate_memory and (2)
agp_create_user_memory functions in drivers/char/agp/generic.c
in the Linux kernel before 2.6.38.5 allow local users to trigger
buffer overflows, and consequently cause a denial of service
(system crash) or possibly have unspecified other impact, via
vectors related to calls that specify a large number of memory
pages.
This fix was applied to Oneiric, Natty, and Lucid via mainline and
stable updates. Following this email is a patch which applies to both
Hardy and Maverick, this is a simple cherry-pick from mainline.
Proposing for Hardy and Maverick.
-apw
More information about the kernel-team
mailing list